If a data breach can happen at an enterprise as large as Target, it’s safe to say it can happen anywhere.
The recent news that the credit and debit card information of some 40 million Target customers was compromised stresses the importance of decision-makers ensuring that sensitive data is thoroughly protected. Hackers reportedly gained access to the personal information of all Target customers who used their cards to shop at the retailer between Nov. 27 and Dec. 15, 2013.
How’d that happen? The retailer has yet to divulge the hackers’ methods, but some industry experts suspect that Target’s point-of-sale terminals were infected with malware that copied and transmitted the credit card information stored on a credit card’s magnetic strip. Other analysts suspect it was an inside job.
The holiday-season breach couldn't have come at a worse time. Because of the consumer protections in place, however, the data-theft victims are unlikely to suffer long-term financial losses. But those customers did have their credit and withdrawal limits lowered in the wake of the attack, timing which likely didn't sit too well for many of them ahead of the holidays.
To try to make amends, Target offered customers a 10 percent discount on recent purchases, free credit reporting, and promised the consumers wouldn't be held accountable for fraudulent charges. The discount retailer also warned its customers about possible scams resulting from the breach. It remains to be seen if these moves will restore customer confidence; in any case, the bad press generated is likely to somewhat impede sales, at least in the near future.
Target’s data breach comes in the wake of similar data breaches that occurred at Best Buy in 2011 and at TJX, the parent company of T.J. Maxx, in 2007. At Best Buy, customers’ email addresses were stolen through third-party vendors – twice in two months – then sent malware and viruses. In the case of TJX, more than 45 million customers’ credit card information was stolen. TJX was forced to pay a fine up to $40.9 million for that breach.
Though these breaches are difficult to entirely eradicate as criminals continue to find new methods, forward-thinking companies can take strong steps to safeguard themselves from such attacks, preventing negative publicity and hefty fines. One such step is to team with a managed security provider that will take proactive steps protecting sensitive data.
Managed security providers offer firewall protection, intrusion prevention, antivirus and anti-spyware services, PCI compliance and much more. By employing their services, business-owners are able to focus on other mission-critical aspects of their organizations while leaving a team of professionals in charge of ensuring the safety of the sensitive data in their systems.
Just because major corporations like Target, Best Buy and TJX had to suffer data breaches and the resulting fallout before learning the consequences of failing to commit to security doesn't mean your business has to suffer the same fate. Click here to learn about Hostway's managed security offerings, guaranteed to strengthen the protection of your most sensitive data.
SOURCES:
http://www.reuters.com/article/2013/12/25/us-target-databreach-idUSBRE9BN0L220131225
http://www.informationweek.com/security/attacks-and-breaches/target-breach-10-facts/d/d-id/1113228